X.org is an open source implementation of the X Window System. It providesthe basic low-level functionality that full-fledged graphical userinterfaces are designed upon.

iDefense reported two integer overflow flaws in the way the X.org serverprocessed CID font files. A malicious authorized client could exploit thisissue to cause a denial of service (crash) or potentially execute arbitrarycode with root privileges on the X.org server. (CVE-2006-3739, CVE-2006-3740)

Users of X.org should upgrade to these updated packages, which contain abackported patch and is not vulnerable to this issue.

4. Solution:

Before applying this update, make sure all previously released erratarelevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriateRPMs being upgraded on your system.